Manualshelf

Setup Guide

ManualsBrandsDell ManualsConverged InfrastructureSecurity Solution Resources
12345678910
Executive summary
6 Enable OpenManage Secure Enterprise Key Manager (SEKM) on Dell EMC PowerEdge Servers
Executive summary
Advantages of SEKM over LKM in Dell EMC PowerEdge servers
The OpenManage SEKM enables you to use an external Key Management Server (KMS) to manage keys
that can then be used by iDRAC to lock and unlock storage devices on a Dell EMC PowerEdge server.
iDRAC requests the KMS to create a key for each storage controller, and then fetches and provides that key
to the storage controller on every host boot so that the storage controller can then unlock the SEDs.
The advantages of using SEKM over Local Key Management (LKM) are:
In addition to the LKMsupported “Theft of an SED” use case, SEKM protects from a “Theft of a server”
use case. Because the keys used to lock and unlock the SEDs are not stored on the server, attackers
cannot access data even if they steal a server.
Centralized key management at the external Key Management Server.
SEKM supports the industry standard OASIS KMIP protocol thus enabling use of any external third party
KMIP server.